My suggestion is for the site to use HTTPS in order to protect user passwords. Even though it's a public forum, many people tend to use the same password across sites, so if a password was grabbed by a hacker for babybmw, chances are the password might work somewhere more important like Gmail or a bank login. Also this could protect your PMs from being read by others if you're on an untrusted network (coffee shop or at work) - it's really easy for somebody with the right tools to intercept plain HTTP traffic.